Exiv2 v0.28.3

(cherry picked from commit c5b922c)

# Conflicts:
#	CMakeLists.txt
#	doc/ChangeLog
#	meson.build
#	po/exiv2.pot

Author: kevinbackhouse

CMakeLists.txt

@@ -1,6 +1,7 @@
 # Minimum version imposed by Ubuntu:20.04
 cmake_minimum_required(VERSION 3.16.3)
 
+<<<<<<< HEAD
 # use TWEAK to categorize the build:
 #
 # * 1.00.0    = GM               (tagged and released)
@@ -15,6 +16,12 @@ project(
   VERSION 1.00.0.9
   DESCRIPTION "Exif/IPTC/Xmp C++ metadata library and tools plus ICC Profiles, Previews and more."
   LANGUAGES C CXX
+=======
+project(exiv2
+    VERSION 0.28.3
+    DESCRIPTION    "Exif/IPTC/Xmp C++ metadata library and tools plus ICC Profiles, Previews and more."
+    LANGUAGES C CXX
+>>>>>>> c5b922cf5 (Exiv2 v0.28.3)
 )
 
 # Shared Object versioning (SemVer-like: must bump major on API breakage)

SECURITY.md

@@ -7,6 +7,7 @@
 | v0.28            | 2023-05-08 | v0.28.0 | 0.28.x           | v0.28.0                | 2023-05-08 | v0.28.0 |
 |                  |            |         |                  | v0.28.1                | 2023-11-06 | v0.28.1 |
 |                  |            |         |                  | v0.28.2                | 2024-02-13 | v0.28.2 |
+|                  |            |         |                  | v0.28.3                | 2024-07-08 | v0.28.3 |
 | v0.27            | 2018-12-20 | 0.27    | 0.27-maintenance | v0.27.0                | 2018-12-20 | v0.27.0 |
 |                  |            |         |                  | v0.27.1                | 2019-04-18 | v0.27.1 |
 |                  |            |         |                  | v0.27.2                | 2019-07-29 | v0.27.2 |

doc/ChangeLog

@@ -1,3 +1,77 @@
+<<<<<<< HEAD
+=======
+Changes from version 0.28.2 to 0.28.3
+-------------------------------------
+
+Release Notes:
+
+* https://github.com/Exiv2/exiv2/issues/3008
+* https://github.com/Exiv2/exiv2/milestone/14?closed=1
+
+This release also fixes a low-severity security issue in asfvideo.cpp:
+
+* [CVE-2024-39695](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh): out-of-bounds read in AsfVideo::streamProperties.
+
+This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
+
+Changes from version 0.28.1 to 0.28.2
+-------------------------------------
+
+Release Notes:
+
+* https://github.com/Exiv2/exiv2/issues/2914
+* https://github.com/Exiv2/exiv2/milestone/13?closed=1
+
+This release also fixes two low-severity security issues in quicktimevideo.cpp:
+
+* [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w): out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
+* [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36): denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
+
+These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
+
+Changes from version 0.28.0 to 0.28.1
+-------------------------------------
+
+Release Notes:
+https://github.com/Exiv2/exiv2/issues/2813
+
+This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r), an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
+
+Changes from version 0.27.6 to 0.28.0
+-------------------------------------
+
+Release Notes:
+https://github.com/Exiv2/exiv2/issues/2406#issuecomment-1529139799
+
+Changes from version 0.27.5 to 0.27.6
+-------------------------------------
+
+Closed:
+https://github.com/Exiv2/exiv2/milestone/10?closed=1
+
+Open:
+https://github.com/Exiv2/exiv2/milestone/10?open=1
+
+Release Notes:
+https://github.com/Exiv2/exiv2/issues/2406#issuecomment-1383302378
+
+Changes from version 0.27.4 to 0.27.5
+-------------------------------------
+
+Closed:
+https://github.com/Exiv2/exiv2/milestone/9?closed=1
+
+Open:
+https://github.com/Exiv2/exiv2/milestone/9?open=1
+
+Release Notes:
+https://github.com/Exiv2/exiv2/issues/1018#issuecomment-948573657
+
++++++++++++++++++++++++++++++++++++++
+------------- History ---------------
++++++++++++++++++++++++++++++++++++++
+
+>>>>>>> c5b922cf5 (Exiv2 v0.28.3)
 Changes from version 0.27.3 to 0.27.4
 -------------------------------------
 

meson.build

@@ -1,7 +1,11 @@
 project(
   'exiv2',
   'cpp',
+<<<<<<< HEAD
   version: '1.0.0',
+=======
+  version: '0.28.3',
+>>>>>>> c5b922cf5 (Exiv2 v0.28.3)
   meson_version: '>=0.54.1',
   default_options: ['warning_level=0', 'cpp_std=c++17'],
 )

po/exiv2.pot

@@ -6,9 +6,15 @@
 #, fuzzy
 msgid ""
 msgstr ""
+<<<<<<< HEAD
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: [email protected]\n"
 "POT-Creation-Date: 2017-03-21 21:42+0100\n"
+=======
+"Project-Id-Version: exiv2 0.28.3\n"
+"Report-Msgid-Bugs-To: https://github.com/Exiv2/exiv2/issues\n"
+"POT-Creation-Date: 2024-04-03 16:17+0200\n"
+>>>>>>> c5b922cf5 (Exiv2 v0.28.3)
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"